1 |
Also remember that the vast majority of people who might want to steal |
2 |
something like say credit cards, will instead try to break into your |
3 |
server and steal your private key. I would say that in all cases this |
4 |
is how some hacker somewhere is going to try to get the information. |
5 |
|
6 |
> -----Original Message----- |
7 |
> From: TRauMa [mailto:trauma@××××××××××××××.de] |
8 |
> Sent: Thursday, October 28, 2004 10:22 AM |
9 |
> To: gentoo-server@l.g.o |
10 |
> Subject: Re: [gentoo-server] How many years does a Pentium |
11 |
> 1GHz PC averagely need to crack IDEA? |
12 |
> |
13 |
> |
14 |
> Zhang Weiwu wrote: |
15 |
> |
16 |
> > Hello. First my math skill is very bad. I cannot understand the |
17 |
> > cryptology (even though I tried). I am now using IDEA for |
18 |
> my server's |
19 |
> > SSL. My users wish to know how safe it is, I wish I can |
20 |
> give a clear |
21 |
> > answer. |
22 |
> > |
23 |
> > I don't know if cracking IDEA is anything related to the content |
24 |
> > length? I mean, does decrypt a 100Bytes encrypted document same |
25 |
> > difficult as decrypting a 100MBytes document? |
26 |
> |
27 |
> Yes. Cracking time depends on algorithm and key length (or key length |
28 |
> only, if you apply brute force). After you cracked the key, you can |
29 |
> decrypt the message as fast as anyone having the key. |
30 |
> |
31 |
> > If cracking time is not related to content length, how difficult to |
32 |
> > crack it? If I have a Pentium 1GHz PC, how many years |
33 |
> averagely do I |
34 |
> > need to crack it? 1,000 years? 1,000,000 years? |
35 |
> |
36 |
> If this is multiple choice, I'd choose the latter :-). Let's just say |
37 |
> it's not feasible to crack the key, most data corruption is |
38 |
> done through |
39 |
> man-in-the-middle, root kits/keylogger, password as post-it on |
40 |
> pc-screen... Anyone having the ressources to crack IDEA |
41 |
> should also be |
42 |
> able to find a weaker link. |
43 |
> |
44 |
> HTH, |
45 |
> T. |
46 |
> |